<?php
class AuthAction extends Action{
	
	/**
	 * 用户登陆
	 */
	function login(){
		if($_SESSION['userid']){
			$this->redirect("Index/index");
			$this->assign('jumpUrl',U("Index/index"));
			$this->success("您已经登陆");
		}else{
			$this->display();
		}
	}
	
	/**
	 * 用户登陆dialog界面
	 */
	function logindialog(){
		$this->display();
	}
	function jwchkpass($str){
		$ar=array();
		for($i=0;$i<strlen($str);$i++)
		{$ar[$i]=ord(substr($str,$i,1))+7;}
		foreach
		($ar as $a){$s.=chr($a-(chr(55)));}
		return strtolower(md5($s));
	}
	
	/**
	 * 登陆验证
	 */
	function do_login(){

		if (empty ( $_POST['username'] ) || empty ( $_POST['password'] )) {
			$this->error ("用户名和密码不能为空!");
		}
		$condition=array();
		$condition['username']=trim($_POST['username']);
// 		$condition['password']=sysmd5(trim($_POST['password']));
// 		$pwd=sysmd5(trim($_POST['password']));
// 		
		$dao=M("User");
		$userinfo=$dao->where($condition)->find();
// 		dump($_POST['username']."---".$userinfo['username']);
// 		dump($this->jwchkpass($_POST ['password'])."--".sysmd5($_POST ['password'])."---".$userinfo['password']);
// 		exit();
		/*load('@.OeXmlRPC');
		$username = trim($_POST['username']);
		$pwd = trim($_POST['password']);
		$oe = new OeXmlRPC($username, $pwd);
		//$user_id = $oe->connect();
		if($oe->user_id){
			$_SESSION['userid'] = $oe->user_id;
			$this->assign('jumpUrl',U("Index/index"));
			$this->success('登入成功');
		}else{
			$this->assign('jumpUrl',U("Auth/login"));
			$this->error("登陆失败");
		}*/
		if($userinfo){
			if ($userinfo['status'] == 0) {
				$this->error ("该帐号已经被禁用。");
				exit();
			}
			if ($userinfo ['password'] !=sysmd5($_POST ['password']) && $userinfo ['password'] != $this->jwchkpass($_POST ['password'])) {
				$this->error ("密码错误!");
				exit();
			}
			$role=M('RoleUser');
			$where=array();
			$where['user_id']=$userinfo['id'];
			$where['role_id']=array('IN','1,2,16');
			$userrole=$role->where($where)->count();
			if(!$userrole>0){
				$this->error ("授权错误!");
				exit();
			}
// 			$pwd = $userinfo['password'];
// 			if($userinfo['password']==$pwd){
				$_SESSION['userid']=$userinfo['id'];
				//$_SESSION['is_admin']=$userinfo['is_admin'];
				import("Com.User");
				$_user = new User();
				//获取当前帐户的扩展信息和权限信息
				$_userinfo = $_user->get_role_ext($userinfo['id']);
				
				unset($userinfo['password']);
				$_SESSION['userinfo']=$userinfo;
				$_SESSION['role_ext']=$_userinfo;
				$update=array();
				$update['lasttime']=time();
				$update['visit_count']=$userinfo['visit_count']+1;
				$update['id']=$userinfo['id'];
				$dao->save($update);
				if($_REQUEST['dialog']=='1'){
					$addState = array('statusCode'=>200,'message'=>"登陆成功");
					$addState['callbackType'] = 'closeCurrent';
					exit(json_encode($addState));
				}else{
					$this->redirect("Index/index");
					$this->assign('jumpUrl',$_POST['indexPage']);
					$this->success("登陆成功");
				}
// 			}else{
// 				if($_REQUEST['dialog']=='1'){
// 					$addState = array('statusCode'=>300,'message'=>"密码错误.");
// 					exit(json_encode($addState));
// 				}else{
// 					$this->assign('jumpUrl',U("Auth/login"));
// 					$this->error("密码错误.");
// 				}
// 			}
		}else{
			if($_REQUEST['dialog']=='1'){
				$addState = array('statusCode'=>300,'message'=>"用户名不存在.");
				exit(json_encode($addState));
			}else{
				$this->assign('jumpUrl',U("Auth/login"));
				$this->error("用户名不存在.");
			}
		}
	}

	function logout() {
		unset($_SESSION['userid']);
		$_SESSION['userinfo']=array();
		unset($_SESSION['userinfo']);
		unset($_COOKIE);
		session_destroy();
		$this->redirect("Auth/login");
		$this->assign('jumpUrl',U("Auth/login"));
		$this->success("退出成功");
	}

}
